Familiar App

Security checks across malware telemetry and agentic risk

Overview

The skill is coherent, but its deployment instructions can expose an autonomous social-posting admin service with known default credentials.

Review the external GitHub code before running it. Set a strong FAMILIAR_PASSWORD before first launch, do not expose port 18790 publicly with the default credentials, restrict access to trusted IPs or localhost, and confirm you can stop or pause autonomous posting for every connected account.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 98% confidence
Finding: The documentation explicitly publishes default admin credentials (`admin / familiar`) and does not place an immediate, prominent requirement to change them before first exposure. If an operator follows these instructions as written, any party who can reach the service may authenticate with known credentials and take over the dashboard/API.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The VPS deployment instructions both enable the service at boot and open TCP port 18790 via UFW without warning that the dashboard/API becomes reachable from other systems. In the context of a web admin interface with documented default credentials, this materially increases the likelihood of remote unauthorized access.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal